Often, a database may have many users who need to access the database for different purposes. For example, an organization may have different departments or users tasked with performing different functions with regard to the database. For example, users from the payroll department may need to perform payroll functions corresponding to payroll items in the database, the sales teams may need to access and update client and sales data in the database, while administrative users may need to perform particular functions required for maintaining the database, such as data backups. Not all users however need to perform all the possible functions associated with a database, or need access to all the available data on the database. To this end, most databases support the function of roles, which a way to limit how different sets of users access a database. What is needed, however, is a way to further control when or under which conditions a user is allowed to perform the functions of a given role.